<?php

session_cache_limiter('private');
session_start();
if (!isset($_SESSION['uid']))
{
	header('Location:index.php?redirection=' . urlencode( $_SERVER['PHP_SELF'] . '?' . $_SERVER['QUERY_STRING'] ) );
	exit;
}
include('config.php');
$secureurl_obj = New phpsecureurl();

    $lrequest_id = $_REQUEST['id']; 
if(strchr($_REQUEST['id'], '_') )
{
	    list($_REQUEST['id'], $lrevision_id) = split('_' , $_REQUEST['id']);
		$lrevision_dir = $GLOBALS['CONFIG']['revisionDir'] . '/'. $_REQUEST['id'] . '/';
}
if( !isset ($_REQUEST['last_message']) )
{	
        $_REQUEST['last_message']='';	
}
if(!isset($_GET['submit']))
{
	draw_header('View File');
	draw_menu($_SESSION['uid']);
	draw_status_bar('File View',$_REQUEST['last_message']);
	$file_obj = new FileData($_REQUEST['id'], $GLOBALS['connection'], $GLOBALS['database']);
	$file_name = $file_obj->getName();
	$file_id = $file_obj->getId();
	$realname = $file_obj->getName();
	
	$suffix = '';
    if(strchr($realname, '.'))
    {
        $prefix = (substr($realname,0,(strrpos($realname,"."))));
        $suffix = strtolower((substr($realname,((strrpos($realname,".")+1)))));    
    }
	if( !isset($GLOBALS['mimetypes']["$suffix"]) )
	{	
                $lmimetype = $GLOBALS['mimetypes']['default'];	
        }
	else 
	{	
                $lmimetype = $GLOBALS['mimetypes']["$suffix"];	
        }
	echo '<form action="view_file.php" name="view_file_form" method="get">';
	echo '<INPUT type="hidden" name="id" value="'.$lrequest_id.'">';
	echo '<INPUT type="hidden" name="mimetype" value="'.$lmimetype.'">';
	echo '<BR>';
	echo 'To view your file in a new window <a class="body" style="text-decoration:none" target="_new" href="view_file.php?submit=view&id='.urlencode($lrequest_id).'&mimetype='.urlencode("$lmimetype").'">Click Here</a><br><br>';
	echo 'If you are not able to do so for some reason, ';
	echo 'click <input type="submit" name="submit" value="Download"> to download the selected document and begin downloading it to your local workstation for local view.';
	echo '</form>';

    draw_footer();
}
elseif ($_GET['submit'] == 'view')
{
    $file_obj = new FileData($_REQUEST['id'], $GLOBALS['connection'], $GLOBALS['database']);
    checkUserPermission($_REQUEST['id'], $file_obj->READ_RIGHT);
    $realname = $file_obj->getName();
    if( isset($lrevision_id) )
    {	
        $filename = $lrevision_dir . $lrequest_id . ".dat";
    }
    elseif( $file_obj->isArchived() )
    {	
        $filename = $GLOBALS['CONFIG']['archiveDir'] . $_REQUEST['id'] . ".dat";   
    }
    else
    {	
        $filename = $GLOBALS['CONFIG']['dataDir'] . $_REQUEST['id'] . ".dat";	
    }

    if ( file_exists($filename) )
    {
        header('Content-Length: '.filesize($filename));
        header ('Cache-control: private');
        header('Content-Type: ' . $_GET['mimetype']);
        header('Content-Disposition: inline; filename="' . $realname . '"');
        $modified=filemtime($filename);
        header('Last-Modified: '. date('D, j M Y G:i:s T',$modified));   
        readfile($filename);
    }
    else
    {
        echo 'File does not exist...';
    }
}
elseif ($_GET['submit'] == 'Download')
{
    $file_obj = new FileData($_REQUEST['id'], $GLOBALS['connection'], $GLOBALS['database']);
    
    checkUserPermission($_REQUEST['id'], $file_obj->READ_RIGHT);
    $realname = $file_obj->getName();
    if( isset($lrevision_id) )
    {   
        $filename = $lrevision_dir . $lrequest_id . ".dat";
    }
    elseif( $file_obj->isArchived() )
    {   
        $filename = $GLOBALS['CONFIG']['archiveDir'] . $_REQUEST['id'] . ".dat";   
    }
    else
    {   
        $filename = $GLOBALS['CONFIG']['dataDir'] . $_REQUEST['id'] . ".dat";   
    }

    if (file_exists($filename))
    {
        // send headers to browser to initiate file download
        header('Cache-control: private');
		header ('Content-Type: '.$_GET['mimetype']);
        header ('Content-Disposition: attachment; filename="' . $realname . '"');
        header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
        header('Pragma: public');
        readfile($filename);
    }
    else
    {
        echo 'File does not exist...';
    }

}
else
{
    echo 'Nothing to do ';
    echo 'submit is ' . $_GET['submit'];
}
?>
